LimaCharlieMost AI SOC products hide the logic.
Workflows are fixed, customization requires a support ticket, and when an agent makes a decision you disagree with, there's no rule to read and no way to change it.
LimaCharlie's agentic SOC-as-code works differently.
Every rule and agent decision is fully inspectable. If an agent makes a call you disagree with, you can read the rule that triggered it, understand why, and change it.
Three prebuilt configurations are available in LimaCharlie's public GitHub repo, each designed for a different stage of operational maturity:
The Baselining SOC is built for noisy, newly onboarded environments that need FP suppression before real-time triage makes sense.
The Lean SOC runs four agents through a full L1-to-L2 workflow with minimal overhead.
The Tiered SOC mirrors a mature, full-featured SOC with specialist agents for malware analysis, threat hunting, and hourly SLA monitoring.
All three can be running in an afternoon.
Read the full breakdown, including per-alert cost models for each configuration: https://limacharlie.io/blog/using-agentic-soc-as-code-to-right-size-your-ai-operations
